You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@commons.apache.org by bu...@apache.org on 2002/03/26 00:52:36 UTC
DO NOT REPLY [Bug 7468] New: -
Logging has a NPE when security prevents property reading
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7468>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7468
Logging has a NPE when security prevents property reading
Summary: Logging has a NPE when security prevents property
reading
Product: Commons
Version: 1.0 Final
Platform: All
OS/Version: All
Status: NEW
Severity: Normal
Priority: Other
Component: Logging
AssignedTo: commons-dev@jakarta.apache.org
ReportedBy: tpv@spamcop.net
In LogFactoryImpl:
// Identify the Log implementation class we will be using
String logClassName = null;
try {
/** Read attributes **/
/** Read properties **/
/** Look for Log4J **/
/** Look for jdk1.4 **/
/** Use Default logger **/
} catch (SecurityException e) {
}
// Attempt to load the Log implementation class
Class logClass = null;
try {
logClass = loadClass(logClassName);
If a SecurityException occurs, then logClassName isn't ever set, and the
loadClass
method throws a NullPointerException.
What to do?
a) Throw the SecurityException instead. Better, because then the cause is at
least clearer (than the NPE), but probably not what we want.
b) Have the DefaultLogger setting occur outside of the "try". Better still, but
then you loose any chance of getting log4j or jdk1.4, just because you aren't
allowed to read system properties.
c) Only wrap the getProperty calls in the try block. I think this is the best
solution, but I'm not sure if any of the other code in there could raise a
SecruityException.
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>